obfuskit 0.1.0 → 0.1.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 64dba62899b6d17faac7cb64e3797074bf7d532bda2ed2541b7eaf0a7e831be4
-  data.tar.gz: eb181aeb2d05fffc68a2c7bc1229ed9524aa5bceebbf648e4ae80d342d8c3e52
+  metadata.gz: 4780130a4c77f313d5ecb10479d96b739fcdc6bcc1f7199bd847b27783b89848
+  data.tar.gz: f95871c0915fcf8cbacf5c02930bda78ed39cc2dee886450857b1cc72c7324b3
 SHA512:
-  metadata.gz: 152431909ff9df68577645f73f68cb267662291b3e4ac8e13c95a34dd204718951a238f2d01c5d16d335a69083e79091e420b4103e0f6a35f151e0be8d09890d
-  data.tar.gz: 3167acf2e668dc3fd4b5eb0a6d1b2d31f6f1d0eeaa98316f8375212baae9b56e0254b22a8a610d77d0b0238d2a832323734381dba8352d9df92e117e063f35ae
+  metadata.gz: a14410ebaad463c3672d1d18f447112e5e6180552977525d110b1c19ebd58a68e79685f4560849c9b86dca3573c13bb51ae98e1ea6939840045754037a8dd391
+  data.tar.gz: 87f6d65646ef72825b6bc3a4f75437ca6b26dd68ead31978ec0663bfac917669946a753ee026cfb053f4385947a1272cf9200b781ac8497461d5ff9d3664c1ea

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2024 Martin Gratzer
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,66 @@
+# ObfusKit
+
+ObfusKit is a ruby script to generate obfuscated secrets for `Swift` and `Kotlin`.
+
+## Installation and usage
+
+Install the latest version of the gem using:
+
+```
+gem install obfuskit
+```
+
+To generate Swift code run the following command:
+
+```sh
+obfuskit swift SECRET_1 SECRET_2 > generated.swift
+```
+
+It will will create the file `generated.swift` containing an obfuscated version of the environment variables `SECRET_1` and `SECRET_2`. 
+This file should be excluded from the git repository and generated at build time. 
+The obfuscation salt is regenerated for each run.
+
+```swift
+import Foundation
+
+enum ObfusKit {
+	static let SECRET_1: String = _o.r([30, 113, 37, 119, 32, 37, 36])
+	static let SECRET_2: String = _o.r([24, 117, 35, 119, 38, 33, 34])
+
+	private class _3f3eccd2e5ea46b39738e5502bda6bef { }
+	private static let _o = O(String(describing: _3f3eccd2e5ea46b39738e5502bda6bef.self))
+}
+
+struct O { private let c: [UInt8]; private let l: Int; init(_ s: String) { self.init([UInt8](s.utf8)) }; init(_ c: [UInt8]) { self.c = c; l = c.count }; @inline(__always) func o(_ v: String) -> [UInt8] { [UInt8](v.utf8).enumerated().map { $0.element ^ c[$0.offset % l] } }; @inline(__always) func r(_ value: [UInt8]) -> String { String(bytes: value.enumerated().map { $0.element ^ c[$0.offset % l] }, encoding: .utf8) ?? "" } }
+```
+
+The same concept applies for the `kotlin` language using:
+
+```sh
+obfuskit kotlin com.myapp.configuration.environment SECRET_1 SECRET_2 > generated.kt
+```
+It will create the Kotlin version `generated.kt`.
+
+```kotlin
+package com.myapp.configuration.environment
+
+object ObfusKit {
+        private val _o = O(_6572131328ef462d9d4a05cf4b2a2516::class.java.simpleName)
+        private class _6572131328ef462d9d4a05cf4b2a2516
+
+        val SECRET_1: String = _o.r(byteArrayOf(30, 116, 118, 115, 119, 119, 116))
+        val SECRET_2: String = _o.r(byteArrayOf(24, 112, 112, 115, 113, 115, 114))
+}
+
+class O{private val a:ByteArray;private val b:Int;constructor(s:String){a=s.toByteArray(Charsets.UTF_8);b=a.size};fun o(v:String):ByteArray{val d=v.toByteArray(Charsets.UTF_8);return ByteArray(d.size){i->(d[i].toInt() xor a[i%b].toInt()).toByte()}};fun r(value:ByteArray):String{return String(ByteArray(value.size){i->(value[i].toInt() xor a[i%b].toInt()).toByte()},Charsets.UTF_8)}}
+
+```
+
+## Features
+- [x] Generate Swift
+- [x] Generate Kotlin
+- [x] Read secrets from the Environment 
+- [x] Add dynamic salt for obfuscation
+- [x] Support for .env files
+- [ ] Use template engine for code generation
+- [ ] Read secrets from 1Password CLI

data/Rakefile

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+task default: :spec

data/exe/obfuskit

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require 'obfuskit/generator'
+generator = Obfuskit::Generator.new
+generator.generate()

data/lib/obfuskit/generator.rb

@@ -0,0 +1,113 @@
+# frozen_string_literal: true
+require_relative 'obfuscator'
+require 'securerandom'
+require 'dotenv'
+
+module Language
+  SWIFT = "Swift"
+  KOTLIN = "Kotlin"
+end
+
+module Obfuskit
+
+  class Generator
+
+    def generate()
+
+      Dotenv.load
+      args = ARGV
+      first_arg = args.shift
+
+      language_map = {
+        "swift" => Language::SWIFT,
+        "kotlin" => Language::KOTLIN,
+        "kt" => Language::KOTLIN
+      }
+
+      if first_arg != nil && language_map.key?(first_arg.downcase)
+
+        # Generate a random UUID and remove the hyphens
+        obfuscation_salt = SecureRandom.uuid.to_s.gsub("-", "")
+        # Create a new instance of the O class with the obfuscation salt
+        obfuscator = Obfuscator.new("_" + obfuscation_salt)
+
+        case language_map[first_arg]
+        when Language::SWIFT
+          puts generate_swift(args, obfuscator)
+        when Language::KOTLIN
+          puts generate_kotlin(args, obfuscator)
+        end
+      else
+        puts "First argument is not a valid language. Use `swift` or `kotlin`."
+      end
+    end
+
+    private
+    # Function to generate Swift code
+    def generate_swift(args, obfuscator)
+      # Start building the Swift code
+      code = "import Foundation\n\n"
+      code += "enum ObfusKit {\n"
+      # For each argument, if it's in the environment variables, add it to the code
+      args.each_with_index do |arg, index|
+        if ENV[arg] != nil
+          code += "\tstatic let #{arg}: String = _o.r(#{obfuscator.obfuscate(ENV[arg])})\n"
+        end
+      end
+      code += "\n"
+      # Add the obfuscation salt and the obfuscator to the code
+      code += <<-STRING
+\tprivate class _#{obfuscator.salt} { }
+\tprivate static let _o = O(String(describing: _#{obfuscator.salt}.self))
+}\n\n
+STRING
+
+      # Add the obfuscator source code to the code
+      code += 'struct O { private let c: [UInt8]; private let l: Int; init(_ s: String) { self.init([UInt8](s.utf8)) }; init(_ c: [UInt8]) { self.c = c; l = c.count }; @inline(__always) func o(_ v: String) -> [UInt8] { [UInt8](v.utf8).enumerated().map { $0.element ^ c[$0.offset % l] } }; @inline(__always) func r(_ value: [UInt8]) -> String { String(bytes: value.enumerated().map { $0.element ^ c[$0.offset % l] }, encoding: .utf8) ?? "" } }'
+      # Return the generated code
+      return code
+    end
+
+    # Function to generate Kotlin code
+    def generate_kotlin(args, obfuscator)
+      # Get the first argument as the package name
+      package = args.shift
+      # If no package name is provided, return an empty string
+      if package == nil
+        puts "No package name provided."
+        return nil
+      end
+
+      # Start building the Kotlin code
+      code = "package #{package}\n\n"
+      code += "object ObfusKit {\n"
+      # Add the obfuscation salt and the obfuscator to the code
+      code += <<-STRING
+\tprivate val _o = O(_#{obfuscator.salt}::class.java.simpleName)
+\tprivate class _#{obfuscator.salt}\n
+STRING
+
+      # For each argument, if it's in the environment variables, add it to the code
+      args.each_with_index do |arg, index|
+        if ENV[arg] != nil
+          code += "\tval #{arg}: String = _o.r(byteArrayOf(#{obfuscator.obfuscate(ENV[arg]).map { |i| i.to_s }.join(', ')}))\n"
+        end
+      end
+      code += "}\n\n"
+
+      # Add the obfuscator source code to the code
+      code += 'class O{private val a:ByteArray;private val b:Int;constructor(s:String){a=s.toByteArray(Charsets.UTF_8);b=a.size};fun o(v:String):ByteArray{val d=v.toByteArray(Charsets.UTF_8);return ByteArray(d.size){i->(d[i].toInt() xor a[i%b].toInt()).toByte()}};fun r(value:ByteArray):String{return String(ByteArray(value.size){i->(value[i].toInt() xor a[i%b].toInt()).toByte()},Charsets.UTF_8)}}'
+      # Return the generated code
+      return code
+    end
+
+    # Function to get the source code for the obfuscator
+    def obfuscator_source(file_name)
+      # Get the full path to the file
+      source_file_path = File.expand_path(file_name, __dir__)
+      # If the file exists, read and return its contents
+      return File.read(source_file_path) if File.exist?(source_file_path)
+    end
+  end
+
+end

data/lib/obfuskit/obfuscator.rb

@@ -0,0 +1,34 @@
+# frozen_string_literal: true
+
+# A class representing an obfuscator.
+
+module Obfuskit
+  class Obfuscator
+      # Initializes the obfuscator with a string.
+      # The string is converted to an array of bytes and stored in @c.
+      # The size of the array is stored in @l.
+      def initialize(salt)
+        salt = salt.bytes if salt.is_a? String
+        @salt = salt
+        @length = @salt.size
+      end
+
+      def salt
+        @salt
+      end
+
+      # Obfuscates a string.
+      # The string is converted to an array of bytes and each element is XORed with an element from @c.
+      # The index of the element from @c is the index of the element from the string modulo @l.
+      def obfuscate(value)
+        value.bytes.map.with_index { |b, i| b ^ @salt[i % @length] }
+      end
+
+      # Reverses the obfuscation of an array of bytes.
+      # Each element is XORed with an element from @c and the result is converted back to a string.
+      # The index of the element from @c is the index of the element from the array modulo @l.
+      def reveal(value)
+        value.map.with_index { |b, i| b ^ @salt[i % @length] }.pack('C*').force_encoding('utf-8')
+      end
+  end
+end

data/lib/obfuskit/version.rb

@@ -0,0 +1,5 @@
+# frozen_string_literal: true
+
+module Obfuskit
+  VERSION = "0.1.2"
+end

data/sig/obfuskit/generator.rbs

@@ -0,0 +1,10 @@
+module Obfuskit
+  class Generator
+    def generate: -> void
+
+    private
+    def generate_kotlin: -> String
+    def generate_swift: -> String
+    def obfuscator_source: -> String
+  end
+end

data/sig/obfuskit/obfuscator.rbs

@@ -0,0 +1,7 @@
+module Obfuskit
+  class Obfuscator
+    @length: Int
+    @salt: String
+    def salt: -> String
+  end
+end

data/sig/obfuskit.rbs

@@ -0,0 +1,3 @@
+module Obfuskit
+  VERSION: String
+end

metadata

@@ -1,32 +1,38 @@
 --- !ruby/object:Gem::Specification
 name: obfuskit
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.2
 platform: ruby
 authors:
 - Martin Gratzer
-autorequire:
-bindir: bin
+autorequire: 
+bindir: exe
 cert_chain: []
-date: 2024-01-16 00:00:00.000000000 Z
+date: 2024-01-18 00:00:00.000000000 Z
 dependencies: []
-description: Environment variable obfuscation for Swift and Kotlin
+description: Generate Swift and Kotlin files with obfuscated environment variables.
 email: mgratzer@gmail.com
 executables:
 - obfuskit
 extensions: []
 extra_rdoc_files: []
 files:
-- bin/obfuskit
-- lib/O.rb
-- lib/Omin.kt
-- lib/Omin.swift
-- lib/obfuskit.rb
+- LICENSE.txt
+- README.md
+- Rakefile
+- exe/obfuskit
+- lib/obfuskit/generator.rb
+- lib/obfuskit/obfuscator.rb
+- lib/obfuskit/version.rb
+- sig/obfuskit.rbs
+- sig/obfuskit/generator.rbs
+- sig/obfuskit/obfuscator.rbs
 homepage: https://github.com/mgratzer/obfuskit
 licenses:
 - MIT
-metadata: {}
-post_install_message:
+metadata:
+  homepage_uri: https://github.com/mgratzer/obfuskit
+post_install_message: 
 rdoc_options: []
 require_paths:
 - lib
@@ -34,15 +40,15 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 3.0.0
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.3
-signing_key:
+rubygems_version: 3.5.3
+signing_key: 
 specification_version: 4
-summary: Environment variable obfuscation for Swift and Kotlin
+summary: Environment variable obfuscation for Swift and Kotlin.
 test_files: []

data/bin/obfuskit

@@ -1,2 +0,0 @@
-#!/usr/bin/env ruby
-require 'obfuskit'

data/lib/O.rb

@@ -1,25 +0,0 @@
-# A class representing an obfuscator.
-class O
-    # Initializes the obfuscator with a string.
-    # The string is converted to an array of bytes and stored in @c.
-    # The size of the array is stored in @l.
-    def initialize(s)
-      s = s.bytes if s.is_a? String
-      @c = s
-      @l = @c.size
-    end
-  
-    # Obfuscates a string.
-    # The string is converted to an array of bytes and each element is XORed with an element from @c.
-    # The index of the element from @c is the index of the element from the string modulo @l.
-    def o(v)
-      v.bytes.map.with_index { |b, i| b ^ @c[i % @l] }
-    end
-  
-    # Reverses the obfuscation of an array of bytes.
-    # Each element is XORed with an element from @c and the result is converted back to a string.
-    # The index of the element from @c is the index of the element from the array modulo @l.
-    def r(value)
-      value.map.with_index { |b, i| b ^ @c[i % @l] }.pack('C*').force_encoding('utf-8')
-    end
-  end

data/lib/Omin.kt

@@ -1 +0,0 @@
-class O{private val a:ByteArray;private val b:Int;constructor(s:String){a=s.toByteArray(Charsets.UTF_8);b=a.size};fun o(v:String):ByteArray{val d=v.toByteArray(Charsets.UTF_8);return ByteArray(d.size){i->(d[i].toInt() xor a[i%b].toInt()).toByte()}};fun r(value:ByteArray):String{return String(ByteArray(value.size){i->(value[i].toInt() xor a[i%b].toInt()).toByte()},Charsets.UTF_8)}}

data/lib/Omin.swift

@@ -1 +0,0 @@
-struct O { private let c: [UInt8]; private let l: Int; init(_ s: String) { self.init([UInt8](s.utf8)) }; init(_ c: [UInt8]) { self.c = c; l = c.count }; @inline(__always) func o(_ v: String) -> [UInt8] { [UInt8](v.utf8).enumerated().map { $0.element ^ c[$0.offset % l] } }; @inline(__always) func r(_ value: [UInt8]) -> String { String(bytes: value.enumerated().map { $0.element ^ c[$0.offset % l] }, encoding: .utf8) ?? "" } }

data/lib/obfuskit.rb

@@ -1,107 +0,0 @@
-#!/usr/bin/env ruby
-
-# Import the necessary modules and files
-require_relative 'O'
-require 'securerandom'
-require 'dotenv'
-
-# Define a module for language constants
-module Language
-    SWIFT = "Swift"
-    KOTLIN = "Kotlin"
-end
-
-# Function to generate Swift code
-def generate_swift(args)
-    # Get the source code for the obfuscator
-    obfuscator_source = obfuscator_source('Omin.swift')
-    # Generate a random UUID and remove the hyphens
-    obfuscation_salt = SecureRandom.uuid.to_s.gsub("-", "")
-    # Create a new instance of the O class with the obfuscation salt
-    o = O.new("_" + obfuscation_salt)
-
-    # Start building the Swift code
-    code = "import Foundation\n\n"
-    code += "enum ObfusKit {\n"
-    # For each argument, if it's in the environment variables, add it to the code
-    args.each_with_index do |arg, index|
-        if ENV[arg] != nil 
-            code += "\tstatic let #{arg}: String = _o.r(#{o.o(ENV[arg])})\n"
-        end
-    end
-    code += "\n"
-    # Add the obfuscation salt and the obfuscator to the code
-    code += <<-STRING
-\tprivate class _#{obfuscation_salt} { }
-\tprivate static let _o = O(String(describing: _#{obfuscation_salt}.self))
-}\n\n
-STRING
-
-    # Add the obfuscator source code to the code
-    code += obfuscator_source
-    # Return the generated code
-    return code
-end
-
-# Function to generate Kotlin code
-def generate_kotlin(args)
-    # Get the source code for the obfuscator
-    obfuscator_source = obfuscator_source('Omin.kt')
-    # Generate a random UUID and remove the hyphens
-    obfuscation_salt = SecureRandom.uuid.to_s.gsub("-", "")
-    # Create a new instance of the O class with the obfuscation salt
-    o = O.new("_" + obfuscation_salt)
-    
-    # Start building the Kotlin code
-    code = "object ObfusKit {\n"
-    # Add the obfuscation salt and the obfuscator to the code
-    code += <<-STRING
-\tprivate val _o = O(_#{obfuscation_salt}::class.java.simpleName)
-\tprivate class _#{obfuscation_salt}\n
-STRING
-
-    # For each argument, if it's in the environment variables, add it to the code
-    args.each_with_index do |arg, index|
-        if ENV[arg] != nil 
-            code += "\tval #{arg}: String = _o.r(byteArrayOf(#{o.o(ENV[arg]).map { |i| i.to_s }.join(', ')}))\n"
-        end
-    end
-    code += "}\n\n"
-
-    # Add the obfuscator source code to the code
-    code += obfuscator_source
-    # Return the generated code
-    return code
-end
-
-# Function to get the source code for the obfuscator
-def obfuscator_source(file_name)
-    # Get the full path to the file
-    source_file_path = File.expand_path(file_name, __dir__)
-    # If the file exists, read and return its contents
-    return File.read(source_file_path) if File.exist?(source_file_path)
-end
-
-# MAIN
-
-language_map = {
-    "swift" => Language::SWIFT,
-    "kotlin" => Language::KOTLIN,
-    "kt" => Language::KOTLIN
-}
-
-Dotenv.load
-
-args = ARGV
-first_arg = args.shift
-
-if first_arg != nil && language_map.key?(first_arg.downcase)    
-    case language_map[first_arg]
-    when Language::SWIFT
-        puts generate_swift(args)
-    when Language::KOTLIN
-        puts generate_kotlin(args)
-    end
-else
-    puts "First argument is not a valid language. Use `swift` or `kotlin`."
-end